~sircmpwn/sr.ht-discuss

9 2

Can't clone with https on self hosted instance

Details
Message ID
<9d0d412e-7faa-8943-2c6c-b7136827b4b0@augendre.info>
DKIM signature
missing
Download raw message
Hello,

I just spent a couple of hours setting up a self-hosted instance of 
git.sr.ht.

First, a quick note: it was impossible to use ssh to pull/push to git 
repos unless I added a password to the `git` user on a fresh alpine 
install. Maybe this should be documented? I can send a patch if needed.

Now onto my issue: I can't clone using https.

Here's the log from the git clone command:

$ git clone https://git.srht.augendre.info/~crocmagnon/test
Cloning into 'test'...
remote: 403 Forbidden
fatal: unable to access 
'https://git.srht.augendre.info/~crocmagnon/test/': The requested URL 
returned error: 403

I found nothing in the logs, only the 403 request in nginx/access.log. 
Nothing appears in git.sr.ht.log.

Here's my git.sr.ht nginx conf: 
https://paste.sr.ht/~crocmagnon/2d75fbf675d4bc4a32d1a89fbec6585a9be3bfb5

Permissions on the fcgiwrap socket seem ok (root is part of www-data):
srwxrwxr-x    1 fcgiwrap www-data         0 Nov 20 20:17 
/var/run/fcgiwrap/fcgiwrap.sock

Thanks for the help!

-- 
Gabriel Augendre
Details
Message ID
<3600d142-8178-c1df-a9ab-55405036ae95@augendre.info>
In-Reply-To
<9d0d412e-7faa-8943-2c6c-b7136827b4b0@augendre.info> (view parent)
DKIM signature
missing
Download raw message
A few things I forgot to mention:

* The repo is public
* I have another nginx to handle all my incoming http(s) traffic before 
git.sr.ht's. Here's the config: 
https://paste.sr.ht/~crocmagnon/b403d67a5c716d74bf3cd00e301ca329d81961ca
In this config, http://192.168.0.56:80 is the git.sr.ht host.

-- 
Gabriel Augendre
Details
Message ID
<C78ZY81P1XSK.2FN96MJKHGZJR@taiga>
In-Reply-To
<3600d142-8178-c1df-a9ab-55405036ae95@augendre.info> (view parent)
DKIM signature
missing
Download raw message
Check your logs in /var/log/gitsrht-*

These files need to (1) exist and (2) be writable by git:git, neither of
which is done for you (sorry)
Details
Message ID
<F18BC8F1-4DBF-4283-AF96-89390D017AF9@augendre.info>
In-Reply-To
<C78ZY81P1XSK.2FN96MJKHGZJR@taiga> (view parent)
DKIM signature
missing
Download raw message
Yeah I noticed some issues when cloning with ssh indeed, I created and chowned the ones that were mentioned in stderr.
Could you please list all the files that should exist? Maybe I’m missing some?

-- 
Gabriel Augendre
Sent from a mobile device / Envoyé depuis un appareil mobile
Details
Message ID
<C7904JRZW4PQ.2LVJ4GS2FMEY0@taiga>
In-Reply-To
<F18BC8F1-4DBF-4283-AF96-89390D017AF9@augendre.info> (view parent)
DKIM signature
missing
Download raw message
gitsrht-shell, gitsrht-dispatch, gitsrht-keys, gitsrht-update-hook.

That should be all of them, I think.
Details
Message ID
<ac3bdde1-b4b0-26d8-3652-1f9996cdf8c1@augendre.info>
In-Reply-To
<C7904JRZW4PQ.2LVJ4GS2FMEY0@taiga> (view parent)
DKIM signature
missing
Download raw message
Thanks,
Here's what I have:
-rw-r--r--    1 git      git         4.4K Nov 20 21:22 git.sr.ht.log
-rw-r--r--    1 git      git        13.7K Nov 21 08:29 gitsrht-dispatch
-rw-r--r--    1 git      git        23.5K Nov 21 08:29 gitsrht-keys
-rw-r--r--    1 git      git         4.9K Nov 21 08:29 gitsrht-shell
-rw-r--r--    1 git      git          648 Nov 20 21:07 gitsrht-update-hook

I did a `tail -f git*` and tried to `git clone` with https but nothing 
moved.

-- 
Gabriel Augendre
Details
Message ID
<C7907GBU0CB2.2JOE5FXDSOY77@taiga>
In-Reply-To
<ac3bdde1-b4b0-26d8-3652-1f9996cdf8c1@augendre.info> (view parent)
DKIM signature
missing
Download raw message
Hm, try the nginx logs.
Details
Message ID
<fd3490ac-420a-dd5d-c696-e19647570f57@augendre.info>
In-Reply-To
<C7907GBU0CB2.2JOE5FXDSOY77@taiga> (view parent)
DKIM signature
missing
Download raw message
Sadly nothing useful, at least I guess

tail -f /var/log/nginx/*

==> nginx/access.log <==
192.168.0.10 - - [21/Nov/2020:15:16:44 +0100] "GET 
/~crocmagnon/test/info/refs?service=git-upload-pack HTTP/1.0" 403 15 "-" 
"git/2.29.2" "[some ipv6 address]"

-- 
Gabriel Augendre
Details
Message ID
<C7908P1XC1VB.3CGRMF77M0PDL@taiga>
In-Reply-To
<fd3490ac-420a-dd5d-c696-e19647570f57@augendre.info> (view parent)
DKIM signature
missing
Download raw message
Not sure what to tell you. Double check your fcgiwrap config, and start
debugging.
Details
Message ID
<653215af-fbd8-6ef4-bfa1-ecb16a3fe7fa@augendre.info>
In-Reply-To
<C7908P1XC1VB.3CGRMF77M0PDL@taiga> (view parent)
DKIM signature
missing
Download raw message
I'll try that :)
Do you have any hint on how to "start debugging"? Maybe just some search 
engine for "debug fcgiwrap"?

Thanks again, I'll post here when I find a solution.

-- 
Gabriel Augendre
Reply to thread Export thread (mbox)